Jennifer Granick fights for civil liberties in an age of massive surveillance and powerful digital technology. As the new surveillance and cybersecurity counsel with the ACLU's Speech, Privacy and Technology Project, she litigates, speaks, and writes about privacy, security, technology, and constitutional rights. Granick is the author of the bookAmerican Spies: Modern Surveillance, Why You Should Care, and What To Do About It, published by Cambridge Press and winner of the 2016 Palmer Civil Liberties Prize.

Granick spent much of her career helping create Stanford Law School’s Center for Internet and Society. From 2001 to 2007, she was Executive Director of CIS and founded the Cyberlaw Clinic, where she supervised students in working on some of the most important cyberlaw cases that took place during her tenure. For example, she was the primary crafter of a 2006 exception to the Digital Millennium Copyright Act which allows mobile telephone owners to legally circumvent the firmware locking their device to a single carrier. From 2012 to 2017, Granick was Civil Liberties Director specializing in and teaching surveillance law, cybersecurity, encryption policy, and the Fourth Amendment. In that capacity, she has published widely on U.S. government surveillance practices, and helped educate judges and congressional staffers on these issues. Granick also served as the Civil Liberties Director at the Electronic Frontier Foundation from 2007-2010. Earlier in her career, Granick spent almost a decade practicing criminal defense law in California.

Granick’s work is well-known in privacy and security circles. Her keynote, "Lifecycle of a Revolution" for the 2015 Black Hat USA security conference electrified and depressed the audience in equal measure. In March of 2016, she received Duo Security’s Women in Security Academic Award for her expertise in the field as well as her direction and guidance for young women in the security industry. Senator Ron Wyden (D-Ore) has called Granick an "NBA all-star of surveillance law.”

It’s the season for “cyberthreat” information sharing proposals. There’s the White House plan, announced in January. There’s the Cybersecurity Information Sharing Act, or CISA, which passed out of the Senate Intelligence Committee on a 14-1 vote earlier this month.

Aaron Swartz died this month two years ago. On the evening of January 21, the American Bar Association White Collar Crime Committee is hosting an event about Aaron and his case. I'll be there, as will Brian Knappenberger, Director Of The Internet’s Own Boy, and Elliot Peters, Aaron's lawyer.

This week's Monday Reflection on Just Security is from me, spilling the beans about all of last week's secrecy news, from Twitter and EFF on NSLs to James Risen's Lovejoy Award and the Department of Defense's revisionist history of the Vietnam War. Check it out!

The Foreign Intelligence Surveillance Court declassified an opinion today which, although highly redacted, illuminates the way at least one Judge is interpreting his mandate to protect the First Amendment activities of Americans who the FBI seeks to investigate under USA PATRIOT Act Section 215, codified at 50 USC 1861.

Pages

Encryption helps human rights workers, activists, journalists, financial institutions, innovative businesses, and governments protect the confidentiality, integrity, and economic value of their activities. However, strong encryption may mean that governments cannot make sense of data they would otherwise be able to lawfully access in a criminal or intelligence investigation.

Arguing that a defendant’s conviction for website hacking should be overturned because legitimate, highly valuable security and privacy research commonly employs techniques that are essentially identical to what the defendant did and that such independent research is of great value to academics, government regulators and the public even when – often especially when — conducted without a website owner’s permission.

Arguing that if the court should not compel Apple to create software to enable unlocking and search of the San Bernardino shooter’s iPhone, it will jeopardize digital and personal security more generally.

After the Estate of James Joyce refused to allow a scholar to quote Joyce in her book, we successfully defended her right under the fair use doctrine to use the quotes she needed to illustrate her scholarship. After we prevailed in the case, the Estate paid $240,000 of our client’s legal fees.

Pages

On Friday, Congress will vote on a mutated version of security threat sharing legislation that had previously passed through the House and Senate. These earlier versions would have permitted private companies to share with the federal government categories of data related to computer security threat signatures. Companies that did so would also receive legal immunity from liability under the Electronic Communications Privacy Act (ECPA) and other privacy laws.

Here’s the latest in the encryption case we’ve been writing about in which the Justice Department is asking Magistrate Judge James Orenstein to order Apple to unlock a criminal defendant’s passcode-protected iPhone. The government seized and has authority to search the phone pursuant to a search warrant.

Pending before federal magistrate judge James Orenstein is the government’s request for an order obligating Apple, Inc. to unlock an iPhone and thereby assist prosecutors in decrypting data the government has seized and is authorized to search pursuant to a warrant.

Last week, we wrote about an order from a federal magistrate judge in New York that questioned the government’s ability, under an ancient federal law called the All Writs Act, to compel Apple to decrypt a locked device which the government had seized and is authorized to search pursuant to a warrant.

Pages

"“YouTube as a private company is well within its rights,” said Jennifer Granick, a speech and technology expert at the American Civil Liberties Union. But “YouTube will make mistakes, and over-censor.”"

"Jennifer Granick, a surveillance and cybersecurity counsel with the ACLU, explains that the purpose of the law “isn’t necessarily to protect the tech companies, but to protect the American people in having a platform where you can post information and post our stories, because if the platforms were liable for information that their users publish, then they wouldn’t be able to publish that information. They would have to go through some kind of advanced review process.”"

"In a Stanford CIS blog post, Pfefferkorn said she found hope in the opinion. “For one, the court rejected the government’s unfounded attempt to argue that we lack standing to seek to unseal these records at all,” she wrote. “It is well-established that members of the public have standing to seek to unseal sealed court records, and the court refused to depart from that settled law.

"Jennifer Granick, surveillance and cybersecurity counsel for the American Civil Liberties Union, told USA TODAY Sports that delayed-notice warrants often lack guidelines to protect bystanders caught during surveillance under a provision of the Patriot Act.

"“Normally we think of the judiciary as being the overseer, but as the technology has gotten more complex, courts have had a harder and harder time playing that role,” said Jennifer Granick, surveillance and cybersecurity counsel at the American Civil Liberties Union. “We’re depending on companies to be the intermediary between people and the government.”"

Pages

Stanford CIS brings together scholars, academics, legislators, students, programmers, security researchers, and scientists to study the interaction of new technologies and the law and to examine how the synergy between the two can either promote or harm public goods like free speech, innovation, privacy, public commons, diversity, and scientific inquiry

Welcome to Startup Policy Lab’s The Policy Series, hosted by Runway! For our first October session, we go one-on-one with Jennifer Granick, Director of Civil Liberties at Stanford Center for Internet and Society (CIS).

Speaker: Jennifer Granick, Stanford University NSA stands for National Security Agency, but the agency is at odds with itself in its security mission. Undermining global encryption standards, intercepting Internet companies' data center transmissions, using auto-update to spread malware, and demanding law enforcement back doors in products and services are all business as usual. What legal basis does NSA and FBI have for these demands, and do they make the country more or less safe?

Pages

Have you ever borrowed a smartphone without asking? Modified a URL? Scraped a website? Called an undocumented API? Congratulations: you might have violated federal law! A 1986 statute, the Computer Fraud and Abuse Act (CFAA), provides both civil and criminal remedies for mere "unauthorized" access to a computer.

Have you ever borrowed a smartphone without asking? Modified a URL? Scraped a website? Called an undocumented API? Congratulations: you might have violated federal law! A 1986 statute, the Computer Fraud and Abuse Act (CFAA), provides both civil and criminal remedies for mere "unauthorized" access to a computer.

Synopsis: CODE 2600 documents the rise of the Information Technology Age as told through the events and people who helped build and manipulate it. The film explores the impact this new connectivity has on our ability to remain human while maintaining our personal privacy and security. As we struggle to comprehend the wide-spanning socio-technical fallout causd by data collection and social networks, oru modern culture is caught in an undercurrent of cyber-attacks, identity theft and privacy invasion.